Update docker-cluster to keycloak 1.4
This commit is contained in:
parent
8232773d97
commit
c5459b2614
6 changed files with 92 additions and 21 deletions
|
@ -19,7 +19,7 @@ $ cd distribution
|
||||||
$ mvn clean install
|
$ mvn clean install
|
||||||
````
|
````
|
||||||
|
|
||||||
3) Build Docker with maven to ensure that needed data will be accessible to Docker+Fig volumes:
|
3) Build docker-cluster module with maven to ensure that needed data will be accessible to Docker+Fig volumes:
|
||||||
```shell
|
```shell
|
||||||
$ cd $KEYCLOAK_HOME/testsuite/docker-cluster
|
$ cd $KEYCLOAK_HOME/testsuite/docker-cluster
|
||||||
$ mvn clean install
|
$ mvn clean install
|
||||||
|
|
|
@ -21,7 +21,7 @@
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-wf8-adapter-dist</artifactId>
|
<artifactId>keycloak-wf9-adapter-dist</artifactId>
|
||||||
<type>zip</type>
|
<type>zip</type>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
|
@ -69,7 +69,7 @@
|
||||||
</artifactItem>
|
</artifactItem>
|
||||||
<artifactItem>
|
<artifactItem>
|
||||||
<groupId>org.keycloak</groupId>
|
<groupId>org.keycloak</groupId>
|
||||||
<artifactId>keycloak-wf8-adapter-dist</artifactId>
|
<artifactId>keycloak-wf9-adapter-dist</artifactId>
|
||||||
<type>zip</type>
|
<type>zip</type>
|
||||||
<version>${project.version}</version>
|
<version>${project.version}</version>
|
||||||
<outputDirectory>${project.build.directory}/wildfly-adapter</outputDirectory>
|
<outputDirectory>${project.build.directory}/wildfly-adapter</outputDirectory>
|
||||||
|
|
|
@ -12,24 +12,13 @@ mkdir -p mysql/main && mv /mysql-connector-java-5.1.32.jar mysql/main/
|
||||||
cp /keycloak-docker-cluster/shared-files/mysql-module.xml mysql/main/module.xml
|
cp /keycloak-docker-cluster/shared-files/mysql-module.xml mysql/main/module.xml
|
||||||
mv mysql $JBOSS_MODULES_HOME/com/
|
mv mysql $JBOSS_MODULES_HOME/com/
|
||||||
|
|
||||||
sed -i -e "s/<extensions>/&\n <extension module=\"org.keycloak.keycloak-server-subsystem\"\/>/" $JBOSS_HOME/standalone/configuration/standalone-ha.xml
|
# Transform standalone-keycloak-ha.xml
|
||||||
sed -i -e 's/<profile>/&\n <subsystem xmlns="urn:jboss:domain:keycloak-server:1.1">\n <auth-server name="main-auth-server">\n <enabled>true<\/enabled>\n <web-context>auth<\/web-context>\n <\/auth-server> \n <\/subsystem>/' $JBOSS_HOME/standalone/configuration/standalone-ha.xml && \
|
java -jar /usr/share/java/saxon.jar -s:$JBOSS_HOME/standalone/configuration/standalone-keycloak-ha.xml -xsl:/keycloak-docker-cluster/shared-files/standaloneXmlChanges.xsl -o:$JBOSS_HOME/standalone/configuration/standalone-keycloak-ha.xml
|
||||||
sed -i -e 's/<security-domains>/&\n <security-domain name="keycloak">\n <authentication>\n <login-module code="org.keycloak.adapters.jboss.KeycloakLoginModule" flag="required"\/>\n <\/authentication>\n <\/security-domain>/' $JBOSS_HOME/standalone/configuration/standalone-ha.xml && \
|
|
||||||
sed -i -e 's/<drivers>/&\n <driver name="mysql" module="com.mysql">\n <xa-datasource-class>com.mysql.jdbc.Driver<\/xa-datasource-class>\n <driver-class>com.mysql.jdbc.Driver<\/driver-class>\n <\/driver>/' $JBOSS_HOME/standalone/configuration/standalone-ha.xml && \
|
|
||||||
sed -i -e 's/<\/periodic-rotating-file-handler>/&\n <logger category=\"org.keycloak\">\n <level name=\"DEBUG\" \/> \n <\/logger>\n <logger category=\"org.jboss.resteasy.core.ResourceLocator\">\n <level name=\"ERROR\" \/> \n <\/logger>/' $JBOSS_HOME/standalone/configuration/standalone-ha.xml
|
|
||||||
|
|
||||||
sed -i -e 's/<subsystem xmlns=\"urn:jboss:domain:infinispan:[0-9]\.[0-9]\">/&\n <cache-container name=\"keycloak\" jndi-name=\"infinispan\/Keycloak\" start=\"EAGER\"> \
|
|
||||||
\n <transport lock-timeout=\"60000\"\/>\n <distributed-cache name=\"sessions\" mode=\"SYNC\" owners=\"2\" segments=\"60\"\/> \
|
|
||||||
\n <distributed-cache name=\"loginFailures\" mode=\"SYNC\" owners=\"2\" segments=\"60\"\/> \
|
|
||||||
\n <invalidation-cache name=\"realms\" mode=\"SYNC\"\/>\n \
|
|
||||||
\n <invalidation-cache name=\"users\" mode=\"SYNC\"\/>\n <\/cache-container>/' $JBOSS_HOME/standalone/configuration/standalone-ha.xml
|
|
||||||
|
|
||||||
sed -i "s|<mod-cluster-config .*>|<mod-cluster-config advertise-socket=\"modcluster\" proxy-list=\"\$\{httpd.proxyList\}\" proxy-url=\"\/\" balancer=\"mycluster\" advertise=\"false\" connector=\"ajp\" sticky-session=\"true\">|" $JBOSS_HOME/standalone/configuration/standalone-ha.xml
|
|
||||||
|
|
||||||
sed -i "s|#JAVA_OPTS=\"\$JAVA_OPTS -agentlib:jdwp=transport=dt_socket|JAVA_OPTS=\"\$JAVA_OPTS -agentlib:jdwp=transport=dt_socket|" $JBOSS_HOME/bin/standalone.conf
|
sed -i "s|#JAVA_OPTS=\"\$JAVA_OPTS -agentlib:jdwp=transport=dt_socket|JAVA_OPTS=\"\$JAVA_OPTS -agentlib:jdwp=transport=dt_socket|" $JBOSS_HOME/bin/standalone.conf
|
||||||
|
|
||||||
cp /keycloak-docker-cluster/shared-files/mysql-keycloak-ds.xml $JBOSS_HOME/standalone/deployments/
|
cp /keycloak-docker-cluster/shared-files/mysql-keycloak-ds.xml $JBOSS_HOME/standalone/deployments/
|
||||||
|
|
||||||
# Enable Infinispan provider
|
# Enable Infinispan provider
|
||||||
sed -i "s|\"provider\".*: \"mem\"|\"provider\": \"infinispan\"|" $JBOSS_HOME/standalone/configuration/keycloak-server.json
|
#sed -i "s|\"provider\".*: \"mem\"|\"provider\": \"infinispan\"|" $JBOSS_HOME/standalone/configuration/keycloak-server.json
|
||||||
sed -i -e "s/\"connectionsJpa\"/\n \"connectionsInfinispan\": \{\n \"default\" : \{\n \"cacheContainer\" : \"java:jboss\/infinispan\/Keycloak\"\n \}\n \},\n &/" $JBOSS_HOME/standalone/configuration/keycloak-server.json
|
#sed -i -e "s/\"connectionsJpa\"/\n \"connectionsInfinispan\": \{\n \"default\" : \{\n \"cacheContainer\" : \"java:jboss\/infinispan\/Keycloak\"\n \}\n \},\n &/" $JBOSS_HOME/standalone/configuration/keycloak-server.json
|
||||||
|
|
|
@ -73,6 +73,6 @@ export JBOSS_HOME=/keycloak-docker-shared/keycloak-$JBOSS_TYPE-$MYHOST;
|
||||||
|
|
||||||
cd $JBOSS_HOME/bin/
|
cd $JBOSS_HOME/bin/
|
||||||
|
|
||||||
./standalone.sh -c standalone-ha.xml -Djboss.node.name=$MYHOST -b `hostname -i` -Djboss.mod_cluster.jvmRoute=$MYHOST \
|
./standalone.sh -c standalone-keycloak-ha.xml -Djboss.node.name=$MYHOST -b `hostname -i` -Djboss.mod_cluster.jvmRoute=$MYHOST \
|
||||||
-Dmysql.host=$MYSQL_PORT_3306_TCP_ADDR -Dhttpd.proxyList=$HTTPD_1_PORT_10001_TCP_ADDR:$HTTPD_PORT_10001_TCP_PORT \
|
-Dmysql.host=$MYSQL_PORT_3306_TCP_ADDR -Dhttpd.proxyHost=$HTTPD_1_PORT_10001_TCP_ADDR -Dhttpd.proxyPort=$HTTPD_PORT_10001_TCP_PORT \
|
||||||
-Dkeycloak.import=/keycloak-docker-cluster/examples/testrealm.json "$@"
|
-Dkeycloak.import=/keycloak-docker-cluster/examples/testrealm.json "$@"
|
||||||
|
|
|
@ -0,0 +1,82 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
|
||||||
|
<xsl:stylesheet version="2.0"
|
||||||
|
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
|
||||||
|
xmlns:xalan="http://xml.apache.org/xalan"
|
||||||
|
xmlns:ds="urn:jboss:domain:datasources:3.0"
|
||||||
|
xmlns:logging="urn:jboss:domain:logging:3.0"
|
||||||
|
xmlns:ispn="urn:jboss:domain:infinispan:3.0"
|
||||||
|
xmlns:mcluster="urn:jboss:domain:modcluster:2.0"
|
||||||
|
xmlns:server="urn:jboss:domain:3.0"
|
||||||
|
exclude-result-prefixes='ds logging ispn mcluster xalan server'
|
||||||
|
>
|
||||||
|
|
||||||
|
<xsl:output method="xml" indent="yes" xalan:indent-amount="4" standalone="no"/>
|
||||||
|
<xsl:strip-space elements="*"/>
|
||||||
|
|
||||||
|
<xsl:template match="//ds:subsystem/ds:datasources/ds:datasource[@jndi-name='java:jboss/datasources/KeycloakDS']" >
|
||||||
|
<ds:datasource jndi-name="java:jboss/datasources/KeycloakDS" pool-name="KeycloakDS" enabled="true" use-java-context="true">
|
||||||
|
<ds:connection-url>jdbc:mysql://${mysql.host}/keycloak_db</ds:connection-url>
|
||||||
|
<ds:driver>mysql</ds:driver>
|
||||||
|
<ds:security>
|
||||||
|
<ds:user-name>root</ds:user-name>
|
||||||
|
<ds:password>mysecretpassword</ds:password>
|
||||||
|
</ds:security>
|
||||||
|
</ds:datasource>
|
||||||
|
</xsl:template>
|
||||||
|
|
||||||
|
<xsl:template match="//ds:subsystem/ds:datasources/ds:drivers">
|
||||||
|
<xsl:copy>
|
||||||
|
<xsl:apply-templates select="@*|node()"/>
|
||||||
|
<ds:driver name="mysql" module="com.mysql">
|
||||||
|
<ds:xa-datasource-class>com.mysql.jdbc.jdbc2.optional.MysqlXADataSource</ds:xa-datasource-class>
|
||||||
|
</ds:driver>
|
||||||
|
</xsl:copy>
|
||||||
|
</xsl:template>
|
||||||
|
|
||||||
|
<xsl:template match="//logging:subsystem/logging:periodic-rotating-file-handler">
|
||||||
|
<xsl:copy>
|
||||||
|
<xsl:apply-templates select="@*|node()"/>
|
||||||
|
</xsl:copy>
|
||||||
|
<logging:logger category="org.keycloak">
|
||||||
|
<logging:level name="DEBUG" />
|
||||||
|
</logging:logger>
|
||||||
|
<logging:logger category="org.jboss.resteasy.core.ResourceLocator">
|
||||||
|
<logging:level name="ERROR" />
|
||||||
|
</logging:logger>
|
||||||
|
</xsl:template>
|
||||||
|
|
||||||
|
<xsl:template match="//ispn:subsystem/ispn:cache-container[@name='keycloak']">
|
||||||
|
<ispn:cache-container name="keycloak" jndi-name="infinispan/Keycloak">
|
||||||
|
<ispn:transport lock-timeout="60000"/>
|
||||||
|
<ispn:invalidation-cache name="realms" mode="SYNC"/>
|
||||||
|
<ispn:invalidation-cache name="users" mode="SYNC"/>
|
||||||
|
<ispn:distributed-cache name="sessions" mode="SYNC" owners="2"/>
|
||||||
|
<ispn:distributed-cache name="loginFailures" mode="SYNC" owners="2"/>
|
||||||
|
</ispn:cache-container>
|
||||||
|
</xsl:template>
|
||||||
|
|
||||||
|
<xsl:template match="//mcluster:subsystem/mcluster:mod-cluster-config">
|
||||||
|
<mcluster:mod-cluster-config advertise-socket="modcluster" proxies='myproxy' proxy-url="/" balancer="mycluster" advertise="false" connector="ajp" sticky-session="true">
|
||||||
|
<mcluster:dynamic-load-provider>
|
||||||
|
<mcluster:load-metric type="cpu"/>
|
||||||
|
</mcluster:dynamic-load-provider>
|
||||||
|
</mcluster:mod-cluster-config>
|
||||||
|
</xsl:template>
|
||||||
|
|
||||||
|
<xsl:template match="//server:socket-binding-group">
|
||||||
|
<xsl:copy>
|
||||||
|
<xsl:apply-templates select="@*|node()"/>
|
||||||
|
<server:outbound-socket-binding name="myproxy">
|
||||||
|
<server:remote-destination host="${{httpd.proxyHost}}" port="${{httpd.proxyPort}}"/>
|
||||||
|
</server:outbound-socket-binding>
|
||||||
|
</xsl:copy>
|
||||||
|
</xsl:template>
|
||||||
|
|
||||||
|
<xsl:template match="@*|node()">
|
||||||
|
<xsl:copy>
|
||||||
|
<xsl:apply-templates select="@*|node()"/>
|
||||||
|
</xsl:copy>
|
||||||
|
</xsl:template>
|
||||||
|
|
||||||
|
</xsl:stylesheet>
|
|
@ -1,4 +1,4 @@
|
||||||
FROM jboss/wildfly:8.2.0.Final
|
FROM jboss/wildfly:9.0.1.Final
|
||||||
|
|
||||||
USER root
|
USER root
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue